These days I build training-data systems for frontier model development, and audit a handful of bug bounty programs on the side. I work primarily in C, C++, Rust, and Python; Go, TypeScript, and Solidity show up when the target calls for it.
- Monitoring platform. Integer overflow in a widely used C codebase, found by manual audit; working PoC.
- Blockchain VM allocator. Resource-limit bypass and state-rollback inconsistencies in mempool block construction.
- DeFi protocol SDK. Missing validation of leaf values, refund outputs, and timelocks during transfer receipt.
- AI training pipeline. Coding-task specs, test suites, and QA for RL-trained frontier models; tooling to calibrate difficulty.
- iExtract. Pulls iMessages and SMS out of iTunes backups into CSV.
- Home lab. ESXi, pfSense, AWS, Terraform; the usual self-hosted assortment.
nehemiyawicks.github.io · nehemiyawicks@proton.me · linkedin · hackerone